Amazon (SAA-C03) Exam Questions And Answers page 29
A company is running a three-tier web application to process credit card payments. The front-end user interface consists of static webpages. The application tier can have long-running processes. The database tier uses MySQL.
The application is currently running on a single, general purpose large Amazon EC2 instance. A solutions architect needs to decouple the services to make the web application highly available.
Which solution would provide the HIGHEST availability?
The application is currently running on a single, general purpose large Amazon EC2 instance. A solutions architect needs to decouple the services to make the web application highly available.
Which solution would provide the HIGHEST availability?
Move static assets and the application into a medium EC2 instance. Leave the database on the large instance. Place both instances in an Auto Scaling group.
Move static assets to Amazon S3. Move the application to AWS Lambda with the concurrency limit set. Move the database to Amazon DynamoDB with on-demand enabled.
Move static assets to Amazon S3. Move the application to Amazon Elastic Container Service (Amazon ECS) containers with Auto Scaling enabled. Move the database to Amazon RDS to deploy Multi-AZ.
Define Performant Architectures
Design Cost-Optimized Architectures
A company is running a two-tier ecommerce website using AWS services. The current architect uses a publish-facing Elastic Load Balancer that sends traffic to Amazon EC2 instances in a private subnet. The static content is hosted on EC2 instances, and the dynamic content is retrieved from a MySQL database. The application is running in the United States. The company recently started selling to users in Europe and Australia. A solutions architect needs to design solution so their international users have an improved browsing experience.
Which solution is MOST cost-effective?
Which solution is MOST cost-effective?
Host the entire website on Amazon S3.
Use Amazon CloudFront and Amazon S3 to host static images.
Increase the number of public load balancers and EC2 instances.
Deploy the two-tier website in AWS Regions in Europe and Australia.
Design Cost-Optimized Architectures
A company is running a two-tier ecommerce website using services. The current architect uses a publish-facing Elastic Load Balancer that sends traffic to Amazon EC2 instances in a private subnet. The static content is hosted on EC2 instances, and the dynamic content is retrieved from a MYSQL database. The application is running in the United States. The company recently started selling to users in Europe and Australia. A solutions architect needs to design solution so their international users have an improved browsing experience.
Which solution is MOST cost-effective?
Which solution is MOST cost-effective?
Host the entire website on Amazon S3.
Use Amazon CloudFront and Amazon S3 to host static images.
Increase the number of public load balancers and EC2 instances.
Deploy the two-tier website in AWS Regions in Europe and Australia.
Design Cost-Optimized Architectures
A company is running several business applications in three separate VPCs within the eu-east-1 Region. The applications must be able to communicate between VPCs. The applications also must be able to consistently send hundreds of gigabytes of data each day to a latency-sensitive application that runs in a single on-premises data center.
A solutions architect needs to design a network connectivity solution that maximizes cost-effectiveness.
Which solution meets these requirements?
A solutions architect needs to design a network connectivity solution that maximizes cost-effectiveness.
Which solution meets these requirements?
Configure three AWS Site-to-Site VPN connections from the data center to AWS. Establish connectivity by configuring one VPN connection for each VPC.
Launch a third-party virtual network appliance in each VPC. Establish an IPsec VPN tunnel between the data center and each virtual appliance.
Set up three AWS Direct Connect connections from the data center to a Direct Connect gateway in us-east-1. Establish connectivity by configuring each VPC to use one of the Direct Connect connections.
Set up one AWS Direct Connect connection from the data center to AWS. Create a transit gateway, and attach each VPC to the transit gateway. Establish connectivity between the Direct Connect connection and the transit gateway.
Design Cost-Optimized Architectures
A company is seeing access requests by some suspicious IP addresses. The security team discovers the requests are from different IP addresses under the same CIDR range.
What should a solutions architect recommend to the team?
What should a solutions architect recommend to the team?
Add a rule in the inbound table of the security to deny the traffic from that CIDR range.
Add a rule in the outbound table of the security group to deny the traffic from that CIDR range.
Add a deny rule in the inbound table of the network ACL with a lower number than other rules.
Add a deny rule in the outbound table of the network ACL with a lower rule number than other rules.
Define Performant Architectures
Specify Secure Applications and Architectures
A company is selling up an application to use an Amazon RDS MySQL DB instance. The database must be architected for high availability across Availability Zones and AWS Regions with minimal downtime.
How should a solutions architect meet this requirement?
How should a solutions architect meet this requirement?
Set up an RDS MySQL Multi-AZ DB instance. Configure an appropriate backup window.
Set up an RDS MySQL Multi-AZ DB instance. Configure a read replica in a different Region.
Set up an RDS MySQL Single-AZ DB instance. Configure a read replica in a different Region.
Set up an RDS MySQL Single-AZ DB instance. Copy automated snapshots to at least one other Region.
Design Resilient Architectures
Define Performant Architectures
A company is selling up an application to use an Amazon RDS MySQL DB instance. The database must be architected for high availability across Availability Zones and AWS Regions with minimal downtime.
How should a solutions architect meet this requirement?
How should a solutions architect meet this requirement?
Set up an RDS MySQL Multi-AZ DB instance. Configure an appropriate backup window.
Set up an RDS MySQL Multi-AZ DB instance. Configure a read replica in a different Region.
Set up an RDS MySQL Single-AZ DB instance. Configure a read replica in a different Region.
Set up an RDS MySQL Single-AZ DB instance. Copy automated snapshots to at least one other Region.
Design Resilient Architectures
Define Performant Architectures
A company is storing sensitive user information in an Amazon S3 bucket. The company wants to provide secure access to this bucket from the application tier running on Amazon EC2 instances inside a VPC.
Which combination of steps should a solutions architect take to accomplish this? (Choose two.)
Which combination of steps should a solutions architect take to accomplish this? (Choose two.)
Configure a VPC gateway endpoint for Amazon S3 within the VPC.
Create a bucket policy to make the objects in the S3 bucket public.
Create a bucket policy that limits access to only the application tier running in the VPC.
Create an IAM user with an S3 access policy and copy the IAM credentials to the EC2 instance.
Create a NAT instance and have the EC2 instances use the NAT instance to access the S3 bucket.
Define Performant Architectures
Specify Secure Applications and Architectures
A company is using a centralized AWS account to store log data in various Amazon S3 buckets. A solutions architect needs to ensure that the data is encrypted at rest before the data is uploaded to the S3 buckets. The data also must be encrypted in transit.
Which solution meets these requirements?
Which solution meets these requirements?
Use client-side encryption to encrypt the data that is being uploaded to the S3 buckets.
Use server-side encryption to encrypt the data that is being uploaded to the S3 buckets.
Create bucket policies that require the use of server-side encryption with S3 managed encryption keys (SSE-S3) for S3 uploads.
Enable the security option to encrypt the S3 buckets through the use of a default AWS Key Management Service (AWS KMS) key.
Specify Secure Applications and Architectures
A company is using a fleet of Amazon EC2 instances to ingest data from on-premises data sources. The data is in JSON format and ingestion rates can be as high as 1 MB/s. When an EC2 instance is rebooted, the data in-flight is lost. The company s data science team wants to query ingested data in near-real time.
Which solution provides near-real-time data querying that is scalable with minimal data loss?
Which solution provides near-real-time data querying that is scalable with minimal data loss?
Publish data to Amazon Kinesis Data Streams. Use Kinesis Data Analytics to query the data.
Publish data to Amazon Kinesis Data Firehose with Amazon Redshift as the destination. Use Amazon Redshift to query the data.
Store ingested data in an EC2 instance store. Publish data to Amazon Kinesis Data Firehose with Amazon S3 as the destination. Use Amazon Athena to query the data.
Store ingested data in an Amazon Elastic Block Store (Amazon EBS) volume. Publish data to Amazon ElastiCache for Redis. Subscribe to the Redis channel to query the data.
Design Resilient Architectures
Define Performant Architectures
Comments